A security update to WordPress 3.1 has been released to address a vulnerability that allowed Contributor-level users to improperly publish posts. The problem is to do with the “press this” bookmarklet and a lack of validation on the rights of the user submitting the post. The problem was found by WordPress’ Andrew Nacin working with Benjamin Balter. Wordpress recommend an immediate update to 3.1.2, especially if you allow users to register as contributors or if you have untrusted users.